Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
File:                     5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json)
Hash identifier:          XjRUA7gIYBbDjExtYhYU4Wy6Ui6mPc5M3BwaMnIFnDI=
Subject key identifier:   3F:D2:DE:5D:2A:4B:45:75:4F:BB:3E:4A:BB:25:18:86:AF:16:C9:D5
Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA
Certificate issuer:       /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
Certificate serial:       01967FB43983F3DFF78B7A6B29C3DB621A72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
Manifest number:          0831
Signing time:             Tue 29 Apr 2025 04:00:39 +0000
Manifest this update:     Tue 29 Apr 2025 04:00:39 +0000
Manifest next update:     Wed 30 Apr 2025 04:00:39 +0000
Files and hashes:         1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: 0Mv/Gcleothnd59wpVjo0eabk82mh9O5IH6fZFzzlAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b4:39:83:f3:df:f7:8b:7a:6b:29:c3:db:62:1a:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
        Validity
            Not Before: Apr 29 04:00:39 2025 GMT
            Not After : Apr 30 04:00:39 2025 GMT
        Subject: CN=3fd2de5d2a4b45754fbb3e4abb251886af16c9d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:a7:4b:de:79:e3:1f:8a:8f:41:8d:fd:e4:71:
                    42:50:aa:be:fa:4e:49:cd:ed:d1:a4:f1:d1:72:97:
                    5e:73:61:ad:d7:d8:46:0d:09:bd:e0:ce:99:bb:7b:
                    34:17:a8:b7:cd:e7:53:b9:a7:b4:4a:c3:fb:4c:2e:
                    2e:33:6b:c7:8a:53:01:eb:52:81:04:61:d1:e4:78:
                    bc:2d:14:cd:4b:0f:9d:9f:f8:b0:47:4c:f5:ce:d9:
                    fc:fe:15:9b:71:e7:a1:db:bb:34:4d:c4:78:19:89:
                    fe:9b:93:d4:9f:26:c4:24:06:1c:cd:78:ff:7d:c4:
                    0a:5e:14:0b:28:be:35:77:0f:99:7e:dc:84:69:48:
                    e2:81:e8:41:52:46:54:98:d2:78:15:61:75:00:02:
                    f0:bd:e3:04:46:8b:d4:36:00:ed:8d:b4:de:70:bf:
                    b1:6b:92:e6:48:47:15:ed:bb:69:a1:3d:23:af:d1:
                    64:69:39:4a:5b:56:77:32:7b:41:19:64:78:38:57:
                    a1:de:04:25:8d:e8:40:9d:59:4a:d1:5f:a8:a9:b8:
                    fd:f2:ef:95:ae:cb:22:6b:f0:9b:85:82:0b:24:59:
                    a7:d7:04:71:e6:c9:7c:5b:df:9f:14:e5:e9:92:2c:
                    67:e2:bc:b5:04:dd:26:98:42:a0:e3:19:e5:f1:f3:
                    c2:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:D2:DE:5D:2A:4B:45:75:4F:BB:3E:4A:BB:25:18:86:AF:16:C9:D5
            X509v3 Authority Key Identifier:
                keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:7b:6f:c2:22:1c:55:80:6e:d2:40:61:79:c7:ab:eb:e6:3b:
         f7:60:55:60:98:64:d8:3e:db:fd:d3:08:98:50:8d:a2:ca:2e:
         9a:54:8b:ea:b3:08:4c:4c:65:43:2a:70:27:7b:5d:3d:68:18:
         81:84:85:f0:19:34:a5:c1:e9:f4:8b:c5:91:aa:95:b2:a4:1d:
         2c:d4:4f:99:2d:2e:2e:d4:e9:1a:87:51:62:e4:d1:91:a4:e8:
         35:01:f4:f1:4c:a6:1f:15:63:71:03:02:76:77:a5:d6:f5:b7:
         a6:64:f6:8c:e3:46:d0:9c:83:99:fb:3b:bd:08:05:19:7b:ae:
         8d:3b:47:cb:6c:f3:08:b0:be:cd:8a:f5:ed:78:b9:3d:0a:98:
         0f:6d:17:85:f0:54:f2:78:86:52:fa:0b:9b:c8:8e:18:63:78:
         92:fa:7a:ed:eb:58:c2:53:0d:5a:df:97:ba:de:7a:71:cf:e1:
         9d:0d:f9:33:6c:93:46:a4:02:f8:c8:7e:97:dd:48:d2:18:16:
         bc:cf:ea:a9:a3:62:c7:7c:55:3b:2b:34:e2:a2:32:37:24:a1:
         ec:f3:af:6d:52:f4:a7:42:5b:97:34:cd:f0:d6:24:87:64:88:
         2d:44:ce:38:6f:6f:d0:81:ca:89:04:b7:21:28:70:d5:32:7b:
         02:9c:7e:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tDmD89/3i3prKcPbYhpyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5
NDM5ZmEwHhcNMjUwNDI5MDQwMDM5WhcNMjUwNDMwMDQwMDM5WjAzMTEwLwYDVQQD
EygzZmQyZGU1ZDJhNGI0NTc1NGZiYjNlNGFiYjI1MTg4NmFmMTZjOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qdL3nnjH4qPQY395HFCUKq++k5J
ze3RpPHRcpdec2Gt19hGDQm94M6Zu3s0F6i3zedTuae0SsP7TC4uM2vHilMB61KB
BGHR5Hi8LRTNSw+dn/iwR0z1ztn8/hWbceeh27s0TcR4GYn+m5PUnybEJAYczXj/
fcQKXhQLKL41dw+ZftyEaUjigehBUkZUmNJ4FWF1AALwveMERovUNgDtjbTecL+x
a5LmSEcV7btpoT0jr9FkaTlKW1Z3MntBGWR4OFeh3gQljehAnVlK0V+oqbj98u+V
rssia/CbhYILJFmn1wRx5sl8W9+fFOXpkixn4ry1BN0mmEKg4xnl8fPCtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/S3l0qS0V1T7s+SrslGIavFsnVMB8GA1UdIwQY
MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt
MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2
LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf3tvwiIc
VYBu0kBhecer6+Y792BVYJhk2D7b/dMImFCNosoumlSL6rMITExlQypwJ3tdPWgY
gYSF8Bk0pcHp9IvFkaqVsqQdLNRPmS0uLtTpGodRYuTRkaToNQH08UymHxVjcQMC
dnel1vW3pmT2jONG0JyDmfs7vQgFGXuujTtHy2zzCLC+zYr17Xi5PQqYD20XhfBU
8niGUvoLm8iOGGN4kvp67etYwlMNWt+Xut56cc/hnQ35M2yTRqQC+Mh+l91I0hgW
vM/qqaNix3xVOys04qIyNySh7POvbVL0p0JblzTN8NYkh2SILUTOOG9v0IHKiQS3
IShw1TJ7Apx+KA==
-----END CERTIFICATE-----